all InfoSec news
Device Tracking via Linux's New TCP Source Port Selection Algorithm (Extended Version). (arXiv:2209.12993v1 [cs.CR])
Sept. 28, 2022, 1:20 a.m. | Moshe Kol, Amit Klein, Yossi Gilad
cs.CR updates on arXiv.org arxiv.org
We describe a tracking technique for Linux devices, exploiting a new TCP
source port generation mechanism recently introduced to the Linux kernel. This
mechanism is based on an algorithm, standardized in RFC 6056, for boosting
security by better randomizing port selection. Our technique detects collisions
in a hash function used in the said algorithm, based on sampling TCP source
ports generated in an attacker-prescribed manner. These hash collisions depend
solely on a per-device key, and thus the set of collisions …
algorithm device device tracking linux port tcp tracking version
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India